Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xfqD-ZwQgn8QTR-QNDRMUR3Zvo.roa
File: 0xfqD-ZwQgn8QTR-QNDRMUR3Zvo.roa (raw, json)
Hash identifier: o/gfBIxbMZ2+SjBA56WNX0J0YhLHJW2kzZc6qNcZX/U=
Subject key identifier: D3:17:EA:0F:E6:70:42:09:FC:41:34:7E:40:D0:D1:31:44:77:66:FA
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A848F2D9CBE14E49C07406572A68F91DC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xfqD-ZwQgn8QTR-QNDRMUR3Zvo.roa
Signing time: Mon 11 Sep 2023 14:04:50 +0000
ROA not before: Mon 11 Sep 2023 14:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:848e:9e88/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:8f:2d:9c:be:14:e4:9c:07:40:65:72:a6:8f:91:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 14:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d317ea0fe6704209fc41347e40d0d131447766fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ad:c1:f0:22:81:a3:7a:ae:04:31:b2:59:1a:
58:20:2c:b7:56:24:68:c6:02:6a:ee:fa:0b:93:75:
c0:bf:14:19:c4:5b:62:70:b9:21:f8:a6:45:ed:4e:
9a:d4:26:39:79:9a:fd:6f:86:c4:88:c4:de:d8:13:
9a:65:77:b7:51:1c:3d:c0:fd:2c:45:ea:e4:4f:02:
a9:8c:e8:a4:97:d7:91:9c:04:8f:b4:10:60:2c:d8:
c7:cd:9b:86:46:08:94:f3:d9:20:34:5c:4e:b9:4f:
73:e3:f7:95:9b:dd:cf:be:9a:d0:b6:3e:df:12:70:
8b:d1:f3:d5:9c:72:de:9c:71:73:fc:1f:87:41:a8:
3e:35:61:fa:78:ec:b4:27:a9:f9:30:5a:98:4a:30:
d6:c2:21:c0:ed:44:95:7a:80:a1:c8:f5:4c:43:0a:
c7:73:7e:a1:32:29:05:a2:1f:68:eb:af:df:59:f3:
c8:84:19:8f:ac:ab:9d:8c:d0:e0:0a:3c:87:ff:07:
fd:a0:5a:bf:63:ab:01:12:73:52:68:fc:41:72:0c:
21:ba:57:c7:fe:de:25:96:3d:99:34:e4:ae:73:9a:
28:b7:04:d0:8c:81:ec:45:f3:17:2e:c5:86:12:3b:
6f:ce:80:31:1b:06:ab:9a:62:97:4f:95:97:7c:5a:
42:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:17:EA:0F:E6:70:42:09:FC:41:34:7E:40:D0:D1:31:44:77:66:FA
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xfqD-ZwQgn8QTR-QNDRMUR3Zvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:a5:ae:4f:94:7f:8a:0d:26:14:18:3a:21:3c:9c:95:2f:75:
d9:80:04:c5:5b:22:85:da:97:33:ee:c5:01:09:cf:12:ef:3f:
f4:e0:60:76:e8:63:f7:91:4e:44:23:1d:58:70:bd:4d:13:34:
53:6c:c3:58:43:54:aa:91:ee:f5:c3:b2:25:4b:e2:bc:63:7c:
85:f4:57:15:d3:e7:20:c7:05:c5:0a:3e:65:8f:9b:a5:79:a5:
1a:67:8f:f8:4c:9a:c9:b8:93:72:d1:dd:27:dc:e1:2e:ba:2c:
41:cd:d0:eb:46:a4:88:cf:7f:04:4b:f9:10:f0:b9:a3:5b:6c:
da:bb:13:07:8b:3a:05:cc:ec:9d:0a:95:5c:c9:7f:be:94:93:
6b:d0:df:f0:6c:84:f6:a9:14:5d:53:e5:6f:41:5c:ff:bc:3d:
f6:7f:a1:73:ee:96:60:c5:e9:fc:7a:49:27:29:e0:7b:ad:b6:
91:a3:96:f8:93:aa:10:19:63:7d:1a:f5:6d:22:36:a1:cf:33:
db:7d:84:6d:2d:c9:14:54:e8:10:9d:0e:66:34:d9:21:47:60:
ee:49:f3:28:a4:00:a5:b5:b8:c3:81:30:19:66:15:13:86:25:
f3:f5:bf:35:d8:1a:c3:b2:5a:8f:ee:49:30:cb:90:be:46:65:
92:5c:94:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqEjy2cvhTknAdAZXKmj5HcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMTQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzE3ZWEwZmU2NzA0MjA5ZmM0MTM0N2U0MGQwZDEzMTQ0Nzc2NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia3B8CKBo3quBDGyWRpYICy3ViRo
xgJq7voLk3XAvxQZxFticLkh+KZF7U6a1CY5eZr9b4bEiMTe2BOaZXe3URw9wP0s
RerkTwKpjOikl9eRnASPtBBgLNjHzZuGRgiU89kgNFxOuU9z4/eVm93PvprQtj7f
EnCL0fPVnHLenHFz/B+HQag+NWH6eOy0J6n5MFqYSjDWwiHA7USVeoChyPVMQwrH
c36hMikFoh9o66/fWfPIhBmPrKudjNDgCjyH/wf9oFq/Y6sBEnNSaPxBcgwhulfH
/t4llj2ZNOSuc5ootwTQjIHsRfMXLsWGEjtvzoAxGwarmmKXT5WXfFpCTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMX6g/mcEIJ/EE0fkDQ0TFEd2b6MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMHhmcUQtWndRZ244UVRSLVFORFJNVVIzWnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACelrk+Uf4oNJhQYOiE8
nJUvddmABMVbIoXalzPuxQEJzxLvP/TgYHboY/eRTkQjHVhwvU0TNFNsw1hDVKqR
7vXDsiVL4rxjfIX0VxXT5yDHBcUKPmWPm6V5pRpnj/hMmsm4k3LR3Sfc4S66LEHN
0OtGpIjPfwRL+RDwuaNbbNq7EweLOgXM7J0KlVzJf76Uk2vQ3/BshPapFF1T5W9B
XP+8PfZ/oXPulmDF6fx6SScp4HuttpGjlviTqhAZY30a9W0iNqHPM9t9hG0tyRRU
6BCdDmY02SFHYO5J8yikAKW1uMOBMBlmFROGJfP1vzXYGsOyWo/uSTDLkL5GZZJc
lO0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:45 2023 by rpki-client on console.sobornost.net